Patches to add --no-client-reconnect CLI option to bfgminer 3.10.0, cgminer 3.7.2, and sgminer 4.1.153

README.md

These patches add a new CLI option: --no-client-reconnect. The changes are adapted from Kalroth's cgminer fork to be compatible with BFGMiner, CGMiner, and SGMiner. This solves a few reported security issues.

Usage

Patches can be applied to the source in a number of ways...

BFGMiner

# In a git clone:
git checkout bfgminer-3.10.0 && git checkout -b no-client-reconnect && git apply path/to/bfgminer.diff
# In a source archive:
patch -p1 -d path/to/bfgminer/source -i path/to/bfgminer.diff

CGMiner

# In a git clone:
git checkout v3.7.2 && git checkout -b no-client-reconnect && git apply path/to/cgminer.diff
# In a source archive:
patch -p1 -d path/to/cgminer/source -i path/to/cgminer.diff

SGMiner

# In a git clone:
git checkout 4.1.153 && git checkout -b no-client-reconnect && git apply path/to/sgminer.diff
# In a source archive:
patch -p1 -d path/to/sgminer/source -i path/to/sgminer.diff

Use With Pick

If you're using pick (which you should, if you frequently switch between miners) use the following (substituting everything after -- with the options you want to configure the miner with):

# Reinstall and apply the patch to bfgminer
pick install --reinstall -p https://gist.githubusercontent.com/gevans/9846423/raw/bfgminer.diff bfgminer 3.10.0 -- --enable-opencl --enable-scrypt
# Reinstall and apply the patch to cgminer
pick install --reinstall -p https://gist.githubusercontent.com/gevans/9846423/raw/cgminer.diff cgminer 3.7.2 -- --enable-opencl --enable-scrypt
# Reinstall and apply the patch to sgminer
pick install --reinstall -p https://gist.githubusercontent.com/gevans/9846423/raw/sgminer.diff sgminer 4.1.153 -- --enable-opencl --enable-scrypt

bfgminer.diff

From 09f88c7a697274429ff0d907a950e3c3ea56eb1d Mon Sep 17 00:00:00 2001
From: Gabe Evans <gabe@ga.be>
Date: Fri, 28 Mar 2014 17:49:28 -0700
Subject: [PATCH] Add --no-client-reconnect command line option

Patch from Kalroth's cgminer 3.7.2 fork:

    A new --no-client-reconnect command that disables the 'client.reconnect'
    function.

    It looks like there's an exploit that abuses said command, but it is
    still not clear exactly how.

    There's also an additional message when the reconnect happens: "WARNING:
    POTENTIAL CLIENT.EXPLOIT!", but it requires you to be actively
    monitoring your log to catch it, and in which case you already get
    a "Reconnect requested from Pool 0 to 127.0.0.1" message.

    Note that disabling 'client.reconnect' might affect some pools that rely
    on the feature, like pools that you lease your rig to.

    Oh and this is dry-coded. :)
---
 miner.c | 4 ++++
 miner.h | 1 +
 util.c  | 5 +++++
 3 files changed, 10 insertions(+)

diff --git a/miner.c b/miner.c
index 7d50853..446d4ca 100644
--- a/miner.c
+++ b/miner.c
@@ -213,6 +213,7 @@ int opt_api_mcast_port = 4028;
 bool opt_api_network;
 bool opt_delaynet;
 bool opt_disable_pool;
+bool opt_disable_client_reconnect = false;
 static bool no_work;
 char *opt_icarus_options = NULL;
 char *opt_icarus_timing = NULL;
@@ -2100,6 +2101,9 @@ static struct opt_table opt_config_table[] = {
 	OPT_WITHOUT_ARG("--no-pool-disable",
 			opt_set_invbool, &opt_disable_pool,
 			opt_hidden),
+	OPT_WITHOUT_ARG("--no-client-reconnect",
+			opt_set_invbool, &opt_disable_client_reconnect,
+			"Disable 'client.reconnect' stratum functionality"),
 	OPT_WITHOUT_ARG("--no-restart",
 			opt_set_invbool, &opt_restart,
 			"Do not attempt to restart devices that hang"
diff --git a/miner.h b/miner.h
index 9aa9708..8366c11 100644
--- a/miner.h
+++ b/miner.h
@@ -957,6 +957,7 @@ extern int opt_api_port;
 extern bool opt_api_listen;
 extern bool opt_api_network;
 extern bool opt_delaynet;
+extern bool opt_disable_client_reconnect;
 extern bool opt_restart;
 extern char *opt_icarus_options;
 extern char *opt_icarus_timing;
diff --git a/util.c b/util.c
index 6a3f8f1..9f6a4a9 100644
--- a/util.c
+++ b/util.c
@@ -1982,6 +1982,11 @@ static bool parse_diff(struct pool *pool, json_t *val)
 
 static bool parse_reconnect(struct pool *pool, json_t *val)
 {
+	if (opt_disable_client_reconnect)
+		return false;
+
+	applog(LOG_ERR, "WARNING: POTENTIAL CLIENT.EXPLOIT!");
+
 	const char *url;
 	char address[256];
 	json_t *port_json;
-- 
1.8.4.3

cgminer.diff

From 04287cd50c087276636d0b1a10b07838fb36ebc9 Mon Sep 17 00:00:00 2001
From: Gabe Evans <gabe@ga.be>
Date: Fri, 28 Mar 2014 17:30:22 -0700
Subject: [PATCH] Add --no-client-reconnect command line option

Patch from Kalroth's cgminer 3.7.2 fork:

    A new --no-client-reconnect command that disables the 'client.reconnect'
    function.

    It looks like there's an exploit that abuses said command, but it is
    still not clear exactly how.

    There's also an additional message when the reconnect happens: "WARNING:
    POTENTIAL CLIENT.EXPLOIT!", but it requires you to be actively
    monitoring your log to catch it, and in which case you already get
    a "Reconnect requested from Pool 0 to 127.0.0.1" message.

    Note that disabling 'client.reconnect' might affect some pools that rely
    on the feature, like pools that you lease your rig to.

    Oh and this is dry-coded. :)
---
 cgminer.c | 4 ++++
 miner.h   | 1 +
 util.c    | 5 +++++
 3 files changed, 10 insertions(+)

diff --git a/cgminer.c b/cgminer.c
index b5199ff..58e9ecb 100644
--- a/cgminer.c
+++ b/cgminer.c
@@ -165,6 +165,7 @@ int opt_api_mcast_port = 4028;
 bool opt_api_network;
 bool opt_delaynet;
 bool opt_disable_pool;
+bool opt_disable_client_reconnect = false;
 static bool no_work;
 char *opt_icarus_options = NULL;
 char *opt_icarus_timing = NULL;
@@ -1308,6 +1309,9 @@ static struct opt_table opt_config_table[] = {
 	OPT_WITHOUT_ARG("--no-pool-disable",
 			opt_set_invbool, &opt_disable_pool,
 			opt_hidden),
+	OPT_WITHOUT_ARG("--no-client-reconnect",
+			opt_set_invbool, &opt_disable_client_reconnect,
+			"Disable 'client.reconnect' stratum functionality"),
 	OPT_WITHOUT_ARG("--no-restart",
 			opt_set_invbool, &opt_restart,
 #ifdef HAVE_OPENCL
diff --git a/miner.h b/miner.h
index 2b0a173..a5f9cd0 100644
--- a/miner.h
+++ b/miner.h
@@ -1034,6 +1034,7 @@ extern int opt_api_port;
 extern bool opt_api_listen;
 extern bool opt_api_network;
 extern bool opt_delaynet;
+extern bool opt_disable_client_reconnect;
 extern bool opt_restart;
 extern bool opt_nogpu;
 extern char *opt_icarus_options;
diff --git a/util.c b/util.c
index f5472c3..82d07ed 100644
--- a/util.c
+++ b/util.c
@@ -1667,6 +1667,11 @@ static bool parse_diff(struct pool *pool, json_t *val)
 
 static bool parse_reconnect(struct pool *pool, json_t *val)
 {
+	if (opt_disable_client_reconnect)
+		return false;
+
+	applog(LOG_ERR, "WARNING: POTENTIAL CLIENT.EXPLOIT!");
+
 	char *url, *port, address[256];
 
 	memset(address, 0, 255);
-- 
1.8.4.3

sgminer.diff

From 5081fa04a4241aa38ea282cb27add4fee63d84a8 Mon Sep 17 00:00:00 2001
From: Gabe Evans <gabe@ga.be>
Date: Fri, 28 Mar 2014 17:42:53 -0700
Subject: [PATCH] Add --no-client-reconnect command line option

Patch from Kalroth's cgminer 3.7.2 fork:

    A new --no-client-reconnect command that disables the 'client.reconnect'
    function.

    It looks like there's an exploit that abuses said command, but it is
    still not clear exactly how.

    There's also an additional message when the reconnect happens: "WARNING:
    POTENTIAL CLIENT.EXPLOIT!", but it requires you to be actively
    monitoring your log to catch it, and in which case you already get
    a "Reconnect requested from Pool 0 to 127.0.0.1" message.

    Note that disabling 'client.reconnect' might affect some pools that rely
    on the feature, like pools that you lease your rig to.

    Oh and this is dry-coded. :)
---
 miner.h   | 1 +
 sgminer.c | 4 ++++
 util.c    | 5 +++++
 3 files changed, 10 insertions(+)

diff --git a/miner.h b/miner.h
index ba515e3..54120a2 100644
--- a/miner.h
+++ b/miner.h
@@ -981,6 +981,7 @@ extern int opt_api_port;
 extern bool opt_api_listen;
 extern bool opt_api_network;
 extern bool opt_delaynet;
+extern bool opt_disable_client_reconnect;
 extern time_t last_getwork;
 extern bool opt_restart;
 extern bool opt_worktime;
diff --git a/sgminer.c b/sgminer.c
index 9a30c73..2d423d0 100644
--- a/sgminer.c
+++ b/sgminer.c
@@ -145,6 +145,7 @@ int opt_api_mcast_port = 4028;
 bool opt_api_network;
 bool opt_delaynet;
 bool opt_disable_pool;
+bool opt_disable_client_reconnect = false;
 static bool no_work;
 bool opt_worktime;
 #if defined(HAVE_LIBCURL) && defined(CURL_HAS_KEEPALIVE)
@@ -1227,6 +1228,9 @@ static struct opt_table opt_config_table[] = {
 	OPT_WITHOUT_ARG("--no-pool-disable",
 			opt_set_invbool, &opt_disable_pool,
 			opt_hidden),
+	OPT_WITHOUT_ARG("--no-client-reconnect",
+			opt_set_invbool, &opt_disable_client_reconnect,
+			"Disable 'client.reconnect' stratum functionality"),
 	OPT_WITHOUT_ARG("--no-restart",
 			opt_set_invbool, &opt_restart,
 			"Do not attempt to restart GPUs that hang"),
diff --git a/util.c b/util.c
index 1d1ed24..bf8c6e4 100644
--- a/util.c
+++ b/util.c
@@ -1675,6 +1675,11 @@ static void __suspend_stratum(struct pool *pool)
 
 static bool parse_reconnect(struct pool *pool, json_t *val)
 {
+	if (opt_disable_client_reconnect)
+		return false;
+
+	applog(LOG_ERR, "WARNING: POTENTIAL CLIENT.EXPLOIT!");
+
 	char *sockaddr_url, *stratum_port, *tmp;
 	char *url, *port, address[256];
 
-- 
1.8.4.3

Every project you mention are hosted on GH, have you already opened a pull request for each one?

I haven't. I think the client.reconnect functionality can be useful for pools and there are better solutions than disabling features of the protocol. I feel like this is a hack and shouldn't be added into every miner. Having said that, it does temporarily solve a problem.

@gionn Kalroth's fix has been merged into sgminer git master verbatim and then slightly modified.

@gevans I tend to agree, I'll remove (or at least rename and hide) the option as soon as it's no longer an issue.